summaryrefslogtreecommitdiffstats
path: root/Doc/library
diff options
context:
space:
mode:
authorBenjamin Peterson <benjamin@python.org>2011-05-20 16:41:59 (GMT)
committerBenjamin Peterson <benjamin@python.org>2011-05-20 16:41:59 (GMT)
commitc7dd737ef712b9b847dae35422ce3c64efc3d580 (patch)
treefe2ae42b22c1767ca442377cd55b3972cddba776 /Doc/library
parentda5b852c7ccc6486df1e7d36862441448cad37f7 (diff)
parent249b508c98d99597c170bdb9d6a4b1d56d839ebd (diff)
downloadcpython-c7dd737ef712b9b847dae35422ce3c64efc3d580.zip
cpython-c7dd737ef712b9b847dae35422ce3c64efc3d580.tar.gz
cpython-c7dd737ef712b9b847dae35422ce3c64efc3d580.tar.bz2
merge 3.1
Diffstat (limited to 'Doc/library')
-rw-r--r--Doc/library/os.rst21
1 files changed, 20 insertions, 1 deletions
diff --git a/Doc/library/os.rst b/Doc/library/os.rst
index fe785fc..4a0c7dc 100644
--- a/Doc/library/os.rst
+++ b/Doc/library/os.rst
@@ -895,7 +895,26 @@ Files and Directories
Using :func:`access` to check if a user is authorized to e.g. open a file
before actually doing so using :func:`open` creates a security hole,
because the user might exploit the short time interval between checking
- and opening the file to manipulate it.
+ and opening the file to manipulate it. It's preferable to use :term:`EAFP`
+ techniques. For example::
+
+ if os.access("myfile", os.R_OK):
+ with open("myfile") as fp:
+ return fp.read()
+ return "some default data"
+
+ is better written as::
+
+ try:
+ fp = open("myfile")
+ except OSError as e:
+ if e.errno == errno.EACCESS:
+ return "some default data"
+ # Not a permission error.
+ raise
+ else:
+ with fp:
+ return fp.read()
.. note::